Tomcat programmed authentication

How can I programmatically set a user in the Tomcat container? My scenario is that I want to send a 1024-bit key to a user. That user will give that key to a specific servlet. That servlet will take that key and lookup user information. I want to then let Tomcat know who the user is so that request.getRemoteUser() will work on subsequent page loads.

For a servlet container, with Tomcat 3.2.1 It
provides the ability to create custom "request interceptors" which allow you
to substitute your own security model into the servlet framework. Tomcat
comes with two pre-built request interceptors already:

SimpleRealm -- which uses a tomcat-users.xml file found in
<tomcat-root>/conf to statically load users, groups, and roles upon Tomcat
startup.

JDBCRealm -- which works in a similar fashion but uses a JDBC data source as
a back-end.

0

mjschehlAuthor Commented: 2004-04-22

How would I set the Remote User in a filter when I use custom "request interceptor"?

I actually already programmed my own realm, so that would be great if I can just update it to set the remote user programmatically.